The federal government of Maine has confirmed over one million state residents had private info stolen in a data breach earlier this 12 months by a Russia-linked ransomware gang.
In a press release printed Thursday, the Maine authorities mentioned hackers exploited a vulnerability in its MOVEit file-transfer system, which saved delicate information on state residents. The hackers used the vulnerability to entry and obtain information belonging to sure state businesses between Could 28 and Could 29, the assertion learn.
The Maine authorities mentioned it was disclosing the incident and notifying affected residents as its evaluation of the impacted information “was not too long ago accomplished.”
Maine mentioned that the stolen info could embrace an individual’s identify, date of start, Social Safety quantity, driver’s license and different state or taxpayer identification numbers. Some people had medical and medical insurance info taken.
The assertion mentioned the state holds details about residents “for numerous causes, reminiscent of residency, employment, or interplay with a state company,” and that the info it holds varies by individual.
In response to the state’s breakdown of which businesses are affected, greater than half of the stolen information pertains to Maine’s Division of Well being and Human Providers, with as much as a few third of the info affecting the Maine’s Division of Training. The remaining information impacts numerous different businesses, together with Maine’s Bureau of Motor Automobiles and Maine’s Division of Corrections, although the federal government notes that the breakdown of data is topic to vary.
Greater than 1.3 million folks dwell within the state of Maine, in accordance with the U.S. Census Bureau.
The Maine state authorities is the most recent sufferer to reveal a breach associated to the MOVEit mass hack, regarded as the biggest hacking incident of the 12 months by the numbers of victims alone.
MOVEit programs are file switch servers utilized by 1000’s of organizations all over the world to maneuver massive units of often-sensitive information over the web. In Could, the system’s maker Progress Software program fastened a vulnerability that allowed cybercriminals — particularly the infamous Clop ransomware and extortion gang — to mass-hack MOVEit servers all over the world and steal the purchasers’ delicate information saved inside.
Emsisoft lists Maine’s security incident because the eleventh largest MOVEit-related breach disclosed on the time of writing, behind Ontario’s start registry; the states of Colorado, Oregon, and Louisiana; and U.S. authorities contractor Maximus. A number of U.S. federal businesses have been additionally affected together with the U.S. Division of Power.
Clop has not but listed Maine on its leak web site because it has with different MOVEit-related victims. Ransomware gangs typically publish parts of the stolen information to extort organizations into paying a ransom. The Clop gang has beforehand claimed it deletes authorities information. Cybercriminals are identified to mislead or outright lie if it leads to them getting paid, or retain the stolen information if it may be financially invaluable elsewhere.
Clop is a Russia-speaking ransomware gang, which researchers have linked to earlier mass-hacking incidents involving comparable file switch instruments, together with Fortra’s GoAnywhere file switch device and Accellion’s file switch utility.
Final week, Progress Software program mentioned in a regulatory submitting that the U.S. Securities and Change Fee had subpoenaed the corporate searching for “numerous paperwork and data” associated to the MOVEit vulnerability. Progress mentioned it intends to “cooperate totally” with the SEC’s investigation.
